Author: adrian
Date: Thu Nov 8 16:26:15 2018
New Revision: 346454

URL: http://llvm.org/viewvc/llvm-project?rev=346454&view=rev
Log:
Fix a use-after-free introduced by r344915.
r344915 added a call to ApplyDebugLocation to the sanitizer check function emitter. Some of the sanitizers are emitted in the function epilogue though and the LexicalScopeStack is emptied out before. By detecting this situation and early-exiting from ApplyDebugLocation the fallback location is used, which is equivalent to the return location. rdar://problem/45859802 Added: cfe/trunk/test/CodeGen/ubsan-debuglog-return.c Modified: cfe/trunk/lib/CodeGen/CGDebugInfo.cpp Modified: cfe/trunk/lib/CodeGen/CGDebugInfo.cpp URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/lib/CodeGen/CGDebugInfo.cpp?rev=346454&r1=346453&r2=346454&view=diff ============================================================================== --- cfe/trunk/lib/CodeGen/CGDebugInfo.cpp (original) +++ cfe/trunk/lib/CodeGen/CGDebugInfo.cpp Thu Nov 8 16:26:15 2018 @@ -3538,7 +3538,7 @@ void CGDebugInfo::EmitLocation(CGBuilder // Update our current location setLocation(Loc); - if (CurLoc.isInvalid() || CurLoc.isMacroID()) + if (CurLoc.isInvalid() || CurLoc.isMacroID() || LexicalBlockStack.empty()) return; llvm::MDNode *Scope = LexicalBlockStack.back(); Added: cfe/trunk/test/CodeGen/ubsan-debuglog-return.c URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/test/CodeGen/ubsan-debuglog-return.c?rev=346454&view=auto ============================================================================== --- cfe/trunk/test/CodeGen/ubsan-debuglog-return.c (added) +++ cfe/trunk/test/CodeGen/ubsan-debuglog-return.c Thu Nov 8 16:26:15 2018 
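Review bot: the new `LexicalBlockStack.empty()` early return in CGDebugInfo::EmitLocation silently keeps whatever debug location the builder last had, and nothing in the hunk says that this is deliberate; the next reader will see a bare emptiness check next to the isInvalid()/isMacroID() checks and not know it exists for sanitizer checks emitted in the epilogue after the function scope has been popped. Add a comment above the condition stating that case and that the call site is expected to inherit the return location, and consider asserting that `Builder.getCurrentDebugLocation()` is already set on that path, since the whole point of r344915 was that these calls must carry a !dbg and a caller reaching this path with no location at all would otherwise go unnoticed. Note also that `setLocation(Loc)` still runs before the early return, so CurLoc is updated even though no location is emitted, which matches the existing invalid/macro cases but is worth a word in the same comment. Separately, the log message says `LexicalScopeStack` while the member guarded here is `LexicalBlockStack`; please make the message match the code.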
@@ -0,0 +1,10 @@ +// RUN: %clang_cc1 -x c -debug-info-kind=line-tables-only -emit-llvm -fsanitize=returns-nonnull-attribute -o - %s | FileCheck %s +// The UBSAN function call in the epilogue needs to have a debug location. + +__attribute__((returns_nonnull)) void *allocate() {} + +// CHECK: define nonnull i8* @allocate(){{.*}} !dbg +// CHECK: call void @__ubsan_handle_nonnull_return_v1_abort +// CHECK-SAME: !dbg ![[LOC:[0-9]+]] +// CHECK: ret i8* +// CHECK-SAME: !dbg ![[LOC]] _______________________________________________ cfe-commits mailing list cfe-commits@lists.llvm.org http://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
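Review bot: the CHECK lines in ubsan-debuglog-return.c only establish that the `__ubsan_handle_nonnull_return_v1_abort` call and the `ret` carry the same `!dbg ![[LOC]]` id; they never check what `![[LOC]]` is, so a regression that attached an empty or line-0 location to both instructions would still pass, which is exactly the failure mode the test comment says it guards against. Add a final check on the metadata itself, e.g. `// CHECK: ![[LOC]] = !DILocation(line: 4,` (line 4 being the `allocate` definition in this file), so the test pins a real source line. Minor: `-x c` on the RUN line is redundant for a `.c` input and can be dropped.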